Heads Of State On NSO Spyware List

Uploaded on 2021-07-24 in INTELLIGENCE--International, FREE TO VIEW, TECHNOLOGY--Hackers

French President Emmanuel Macron leads a list of 14 current or former heads of state who may have been targeted for hacking by clients of the Israeli spyware firm NSO GroupPresident Macron has had to change his phone and phone number because Pegasus spyware, most probably targeted him, a French government official said. Ironically, Macron has recently held an emergency meeting on cyber security at the Élysée Palace. 

New evidence uncovered by a consortium of investigative journalists, collectively known as the 'Pegasus Project' has revealed that the phone numbers for heads of state, including President Macron, Pakistan’s Imran Khan and South Africa’s Cyril Ramaphosa, as well as hundreds of government officials, were selected as 'people of interest' by clients of spyware company NSO Group.  

Other potential targets found on a list of 50k phone numbers leaked to the charity Amnesty International include Barham Salih of Iraq, King Mohammed VI of Morocco and three current prime ministers, Imran Khan of Pakistan, Mustafa Madbouly of Egypt and Saad Eddine El Othmani of Morocco.

Amnesty International’s Security Lab has performed in-depth forensic analysis of numerous mobile devices from human rights defenders and journalists around the world. This research has uncovered widespread, persistent and ongoing unlawful surveillance and human rights abuses perpetrated using NSO Group’s Pegasus spywareThirty-seven phones identified in the Pegasus Project investigation were either breached or shows signs of attempted infection.

In Paris, the city's Prosecutor’s Office announced that it too was investigating the suspected widespread use of NSO’s military-grade Pegasus spyware to target journalists, human rights activists and politicians in multiple countries.

The Paris prosecutor’s office said in a statement that it opened an investigation into a raft of potential charges, including violation of privacy, illegal use of data and illegally selling spyware. As is common under French law, the investigation doesn’t name a suspected perpetrator but is aimed at determining who might eventually be sent to trial. It was prompted by a legal complaint by two journalists and investigative website Mediapart. An official in Macron’s office said authorities would investigate Le Monde’s report, and if the targeting is proven, it would be “extremely grave.”

Amnesty International’s Secretary General Agnes Callamard said: “The unprecedented revelation that the phones of at least fourteen heads of state may have been hacked using NSO Group’s Pegasus spyware should send a chill down the spine of world leaders... We have long known that activists and journalists are targets of this surreptitious phone-hacking – but it’s clear that even those at the highest levels of power cannot escape the sinister spread of NSO’s spyware." 

NSO Group can no longer hide behind the claim that its spyware is only used to fight crime, it appears that Pegasus is also the spyware of choice for those wanting to snoop on foreign governments, according to the claims of Pegasus Project invetigators.

“NSO Group must immediately stop selling its equipment to countries with a track record of putting human right defenders and journalists under unlawful surveillance...  The Israeli government should also not authorise licenses for the export of NSO Group’s cyber surveillance technology if there is a substantial risk it could be used for human rights violations.” Callamard, said in a statement.

Another company identified by Amnesty as hosting NSO servers was cloud computing dvelopment firm, DigitalOcean. When contacted by The Associated Press, DigitalOcean neither confirmed nor denied whether it had identified or cut off such servers. “All of the infrastructure outlined in the Amnesty report is no longer on DigitalOcean,” it said in an emailed statement.

The consortium’s findings significantly widen the scope of alleged abuses in which NSO Group has been implicated. Those include the surveillance of friends and relatives of journalist Jamal Khashoggi, who was killed inside the Saudi consulate in Istanbul in 2018, and highlight what critics call the urgent need to regulate global sales of commercial hacking tools. Leading French daily newspaper Le Monde said the phone numbers for Macron and other government members were among thousands allegedly selected by NSO clients for potential surveillance. In this case, the client was an unidentified Moroccan security service, according to Le Monde.

Consortium members said they were able to link more than 1,000 numbers in 50 countries on the list with individuals, including more than 600 politicians and government officials and 189 journalists. The largest share were in Mexico and the Middle East, where Saudi Arabia is reported to be among NSO clients. Also on the list were phone numbers in Azerbaijan, Kazakhstan, Pakistan, Morocco and Rwanda, as well as ones for several Arab royal family members, the consortium reported.

NSO Group has denied that it ever maintained “a list of potential, past or existing targets and Le Monde has quoted NSO as saying the French president was never targeted by its clients. The source of the leak  and how it was authenticated  has not been disclosed.

While a phone number’s presence in the data does not mean an attempt was made to hack a device, the consortium said it was confident the data indicated potential targets of NSO’s government clients.

Multiple lawsuits by alleged victims have been filed against NSO Group including by Facebook over the Israeli firm’s alleged hacking of its WhatsApp application and investigations are under way to determine whether the spyware was actually installed on the phones or whether data was retrieved.

Amnesty International:    France24:   Washington Post:   Guardian:     Marketwatch:   

APNews:   Security Week:      Military.com:      

You Might Also Read: 

Wanted: An International Cyber Security Law

 

« IBM Watson In Demand
The State Of Cyber Security In Healthcare »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Atos

Atos

Atos provides a unique Cyber Security end to end solution with a data-centric and pre-emptive security approach.

Adlink Technology

Adlink Technology

ADLINK is a leading provider of embedded computing products and services for applications including IoT and industrial automation.

CyberTrap

CyberTrap

CyberTrap is an advanced highly-interactive deception technology allowing real-time analysis and control of security breaches.

PrivateCore

PrivateCore

We protect data-in-use from hackers trying to steal data such as encryption keys, certificates, intellectual property.

Sysmosoft

Sysmosoft

Sysmosoft specializes in providing highly secured telecommunication solutions for mobile devices for companies requiring protected access to sensitive data remotely.

Global Cyber Alliance (GCA)

Global Cyber Alliance (GCA)

Global Cyber Alliance is an international, cross-sector effort dedicated to eradicating cyber risk and improving our connected world.

Harel Mallac Technologies

Harel Mallac Technologies

Harel Mallac Technologies is a Mauritian organisation that has developed a strong network of ICT specialists with nodes across the African continent.

Cynerio

Cynerio

Cynerio develops cybersecurity protections for medical devices, comparing network behavior with a database of medical workflows.

AlertEnterprise

AlertEnterprise

AlertEnterprise uniquely eliminates silos and uncovers blended threats across IT Security, Physical Access Controls and Industrial Control Systems.

Bessemer Venture Partners (BVP)

Bessemer Venture Partners (BVP)

Bessemer Venture Partners was born from innovations that literally forged modern building and manufacturing. Today, our team of investors works with people who want to create revolutions of their own.

Industrial Control System Information Sharing and Analysis Center (ICS-ISAC)

Industrial Control System Information Sharing and Analysis Center (ICS-ISAC)

ICS-ISAC is a non-profit, public/private Knowledge Sharing Center established to help facilities develop situational awareness in support of local, national and international security.

Dr Web

Dr Web

Since 1992 the Russian anti-virus Dr.Web has been helping companies to keep their digital assets protected and operate in a secure digital environment.

Byos

Byos

Byos provides visibility of devices across all networks, regardless of location, integrating with your existing security stack.

Neya Systems

Neya Systems

Neya Systems, a leader in advanced off-road autonomy and high-level multi-robot mission planning, provides innovative solutions for uncrewed ground, aerial, and surface vehicles.

Relyance AI

Relyance AI

Relyance AI - One unified platform for privacy, security, & governance.

Qryptonic

Qryptonic

Qryptonic pioneers next-generation cybersecurity by leveraging the unparalleled capabilities of quantum computing to defend against evolving threats.